package com.elecbook.auth.config;

import com.elecbook.auth.config.properties.OauthServerProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.TokenStore;

import javax.annotation.Resource;

/**
 * description 资源服务器配置
 *
 * @author zken
 * CreateDate 2024/11/1 15:17:11
 */
@Configuration
@EnableResourceServer
public class CustomResourceService implements ResourceServerConfigurer {
    @Resource
    TokenStore tokenStore;

    // 自定义服务器配置列
    @Autowired
    OauthServerProperties oauthServerProperties;

    /**
     * description 设置token的类型
     * 可能因为没有在资源服务器中设置此选项，所以，解析错误
     *
     * @author zken
     * CreateDate 2024/11/1 23:26:06
     */
    @Override
    public void configure(ResourceServerSecurityConfigurer resources) {
        resources.resourceId(oauthServerProperties.getProjectResourceId())
                .tokenStore(tokenStore)
                .stateless(true); // 设置无状态（因为jwt)
    }


    @Override
    public void configure(HttpSecurity http) throws Exception {
        http.csrf().disable()
                .authorizeRequests()
                // 调试内容
                .antMatchers("/doc.html/**").permitAll()
                .antMatchers("/webjars/**").permitAll()
                .antMatchers("/swagger-resources/**").permitAll()
                .antMatchers("/v2/**").permitAll()
                .antMatchers("/oauth/**", "/login/**", "/logout/**").permitAll()
                .anyRequest().authenticated()
                .and()
                .requestMatchers()
                .antMatchers("/user/**");

    }
}
